A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 8 » Windows 8 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Windows 8 Firewall - How Good Is It?



 
 
Thread Tools Rating: Thread Rating: 2 votes, 5.00 average. Display Modes
  #16  
Old June 10th 13, 07:55 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/09/2013 04:28 AM, mechanic wrote:
On Sat, 08 Jun 2013 17:47:35 -0400, Juan Wei wrote:

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.


How do you do that?


And why?


Because a NAT router will reject unsolicited packets
comes at it and these test packets will never get
through to your firewall. Reasonable test of your
router. But, not of your personal firewall.


Ads
  #17  
Old June 10th 13, 08:18 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/09/2013 09:59 AM, Juan Wei wrote:
Juan Wei has written on 6/8/2013 5:47 PM:
Todd has written on 6/8/2013 4:23 PM:
Is anybody here concerned about the effectiveness of the
Windows 8 firewall? Did you install a third-party one?

Hi,

I write iptables (Linux) firewalls for a living.

One of the big issues with M$ is that they couldn't give
a hoot about security. They are all about marketing.
M$ has frequently left services open that can be
easily exploited.

Go look how your firewall performs for yourself at
GRC. You are looking for the Shields Up test.

https://www.grc.com/x/ne.dll?bh0bkyd2

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.


How do you do that?

You want all your ports to be in stealth mode (drop)
when probed from the outside, unless you deliberately
have a service open for something.


My Westell 327W has these firewall modes:

1. Maximum Security (High) The high security setting only allows basic
Internet functionality. The High security setting guarantees to only
pass Mail, News, Web, FTP, and IPSEC. All other traffic is not allowed.
High security restricts modification by NAT configuration options.

2. Typical Security (Medium) The medium security setting only allows
basic Internet functionality by default, just like High level security.
Medium security, however, allows customization through Port Forwarding
configuration so certain traffic can pass.

3. Minimum Security (Low) The low security setting will allow all
traffic except for known attacks. With low, your modem is visible by
other computers on the Internet.

4. No Security

5. Custom Security. Default "Inbound" rules:

title [ Security Level Low IN rules ]

begin
RulesDropFrom192
drop from addr %LANADDR%:%LANMASK% done, alert 0 [WAN Traffic from
LAN IP]
RulesPass
pass all

RulesDropAddress
drop from addr 0.0.0.0 done, alert 4 [ 0.0.0.0 Source IP Address]
RulesPassUDP
pass protocol udp, to port 53 done
pass protocol udp, from port 53 done

RulesDropICMP
drop protocol icmp alert 4 [ICMP Message To WAN IP]
RulesDropWANUDP
drop protocol udp, to addr %WANADDR%:32 done, alert 4 [UDP WAN
Traffic to WAN IP]
RulesDropWANTCP
drop protocol tcp, to addr %WANADDR%:32 done, alert 4 [TCP WAN
Traffic to WAN IP]
RulesPassGoodICMP
pass protocol icmp, to addr %WANADDR%:32 done, alert 0 [Responding to
WAN Ping]
RulesPassGoodICMP
pass protocol icmp, to addr %LANADDR%:%LANMASK% done, alert 0 [Nat'ed
LOCAL PING]
end

Default "Outbound" rules:

title [ Security Level Low OUT rules ]

begin
RulesDropNETBIOS
drop to port = 135, to port = 139 done, alert 4 [Dropping NETBIOS
Traffic]

RulesPass
pass all

end


What do you recommend?

Many thanks. You're providing a very important service here.


Just go for the Typical (Medium). The High will be a pain in the butt.
Make sure you have your personal firewall (meaning the one on your own
computer) active as well.

The idea here is to set up several fences. Don't rely on a single
fence for all your protection. It is easy for the bad guys to find
ways over a single fence, but multiples give them a bad time.

Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)

And, use only as many Windows based computers as you are forced to.
  #18  
Old June 10th 13, 08:35 PM posted to alt.comp.os.windows-8
Juan Wei
external usenet poster
 
Posts: 553
Default Windows 8 Firewall - How Good Is It?

Todd has written on 6/10/2013 3:18 PM:

snip

Just go for the Typical (Medium). The High will be a pain in the butt.
Make sure you have your personal firewall (meaning the one on your own
computer) active as well.

The idea here is to set up several fences. Don't rely on a single
fence for all your protection. It is easy for the bad guys to find
ways over a single fence, but multiples give them a bad time.

Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)


Even IE10???

Thanks.
  #19  
Old June 10th 13, 08:44 PM posted to alt.comp.os.windows-8
mechanic[_2_]
external usenet poster
 
Posts: 13
Default Windows 8 Firewall - How Good Is It?

On Mon, 10 Jun 2013 11:55:29 -0700, Todd wrote:

On 06/09/2013 04:28 AM, mechanic wrote:
On Sat, 08 Jun 2013 17:47:35 -0400, Juan Wei wrote:

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.

How do you do that?


And why?


Because a NAT router will reject unsolicited packets
comes at it and these test packets will never get
through to your firewall. Reasonable test of your
router. But, not of your personal firewall.


So? What gets through to my machine - or not - is what I want to
know. If it's the router that stops the bad guys that's fine by me.
  #20  
Old June 10th 13, 08:47 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 12:44 PM, mechanic wrote:
On Mon, 10 Jun 2013 11:55:29 -0700, Todd wrote:

On 06/09/2013 04:28 AM, mechanic wrote:
On Sat, 08 Jun 2013 17:47:35 -0400, Juan Wei wrote:

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.

How do you do that?

And why?


Because a NAT router will reject unsolicited packets
comes at it and these test packets will never get
through to your firewall. Reasonable test of your
router. But, not of your personal firewall.


So? What gets through to my machine - or not - is what I want to
know. If it's the router that stops the bad guys that's fine by me.


True, but not the question. The question was how well a
particular personal firewall worked. You can't test it if
something else is in the way.

By all means, put the NAT router back in place after you
test your personal firewall!
  #21  
Old June 10th 13, 08:53 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 12:35 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:18 PM:

snip

Just go for the Typical (Medium). The High will be a pain in the butt.
Make sure you have your personal firewall (meaning the one on your own
computer) active as well.

The idea here is to set up several fences. Don't rely on a single
fence for all your protection. It is easy for the bad guys to find
ways over a single fence, but multiples give them a bad time.

Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)


Even IE10???

Thanks.


Don't use IE period.

Firefox, by the way, pays a bounty of $2500.00 for security bugs
(or use to). It usually takes them about two days to fix a
security bug. They are really, really serious about security.
(You can still catch a virus with Firefox -- it's just a lot
harder.)

M$ of the other hand, takes six months to never to fix security bugs.
Blaster was one of these viruses. The bad guy just had to look up
on the web to see what vulnerability had not been fixed and write
his virus to match. Easy stuff.

Another couple of fences: turn off (uninstall) Java and Flash if
you don't need them. (I need them, but then again, I am not
sending you this from Windows.)

-T
  #22  
Old June 10th 13, 08:59 PM posted to alt.comp.os.windows-8
Juan Wei
external usenet poster
 
Posts: 553
Default Windows 8 Firewall - How Good Is It?

Todd has written on 6/10/2013 3:53 PM:
On 06/10/2013 12:35 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:18 PM:

snip

Just go for the Typical (Medium). The High will be a pain in the butt.
Make sure you have your personal firewall (meaning the one on your own
computer) active as well.

The idea here is to set up several fences. Don't rely on a single
fence for all your protection. It is easy for the bad guys to find
ways over a single fence, but multiples give them a bad time.

Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)


Even IE10???

Thanks.


Don't use IE period.


Why not?
  #23  
Old June 10th 13, 09:01 PM posted to alt.comp.os.windows-8
Juan Wei
external usenet poster
 
Posts: 553
Default Windows 8 Firewall - How Good Is It?

Todd has written on 6/8/2013 4:23 PM:
Go look how your firewall performs for yourself at
GRC. You are looking for the Shields Up test.

https://www.grc.com/x/ne.dll?bh0bkyd2

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.



How do you connect directly to the Interne if you have a NAT router?

Thanks.
  #24  
Old June 10th 13, 09:09 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 12:59 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:53 PM:
On 06/10/2013 12:35 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:18 PM:

snip

Just go for the Typical (Medium). The High will be a pain in the butt.
Make sure you have your personal firewall (meaning the one on your own
computer) active as well.

The idea here is to set up several fences. Don't rely on a single
fence for all your protection. It is easy for the bad guys to find
ways over a single fence, but multiples give them a bad time.

Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)

Even IE10???

Thanks.


Don't use IE period.


Why not?


Arguably, it is responsible for 85% of the virus infections out there.
You can always google IE and security issues.
  #25  
Old June 10th 13, 09:17 PM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 01:01 PM, Juan Wei wrote:
Todd has written on 6/8/2013 4:23 PM:
Go look how your firewall performs for yourself at
GRC. You are looking for the Shields Up test.

https://www.grc.com/x/ne.dll?bh0bkyd2

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.



How do you connect directly to the Interne if you have a NAT router?

Thanks.


Okay, most Internet modems provide dynamic addressed to
the local side. If you have a fix IP, then its gets
more complicated and you should call for a nerd.

That said, you take the cable that is going into the NAT
router's WAN (Wide Area Network) port and connect it to
your computer's Ethernet port. If you are using a Cable
Modem (Charter), you will have to power cycle the modem,
as it will only accept one device attached to it at a time.

If you are able to surf the Internet when you get your
cable repositioned, you are ready to go to GRC and
Shields Up. Get off direct connection as soon a possible.
And power cycle your cable modem when you put everything
back to normal.
  #26  
Old June 11th 13, 01:20 AM posted to alt.comp.os.windows-8
Juan Wei
external usenet poster
 
Posts: 553
Default Windows 8 Firewall - How Good Is It?

Todd has written on 6/10/2013 4:09 PM:
On 06/10/2013 12:59 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:53 PM:


Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)

Even IE10???

Thanks.


Don't use IE period.


Why not?


Arguably, it is responsible for 85% of the virus infections out there.
You can always google IE and security issues.


I did.

tomshardware.com said, "NSS Labs has released a new edition of its
security report that evaluates a browser's ability to block socially
engineered malware.

"The results reflect the ranking of the previously released report in
August of 2011 and found Internet Explorer (version 10) to be the safest
browser in this discipline under Windows 8. NSS Labs said that IE10
blocked 99.1 percent of the malware it was exposed to (virtually
dead-even with the 99.2 percent result from August of last year), but
Chrome improved its 13.2 percent result to 70.4 percent due to the
integration of enhanced file-based reputation screening. "

sitepont.com said, "Microsoft do not have a reputation for producing
secure software but the company is working hard to rectify that.
Internet Explorer is as good — if not better — than its competitors. "


  #27  
Old June 11th 13, 01:22 AM posted to alt.comp.os.windows-8
Juan Wei
external usenet poster
 
Posts: 553
Default Windows 8 Firewall - How Good Is It?

Todd has written on 6/10/2013 4:17 PM:
On 06/10/2013 01:01 PM, Juan Wei wrote:
Todd has written on 6/8/2013 4:23 PM:
Go look how your firewall performs for yourself at
GRC. You are looking for the Shields Up test.

https://www.grc.com/x/ne.dll?bh0bkyd2

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.



How do you connect directly to the Interne if you have a NAT router?

Thanks.


Okay, most Internet modems provide dynamic addressed to
the local side. If you have a fix IP, then its gets
more complicated and you should call for a nerd.

That said, you take the cable that is going into the NAT
router's WAN (Wide Area Network) port and connect it to
your computer's Ethernet port. If you are using a Cable
Modem (Charter), you will have to power cycle the modem,
as it will only accept one device attached to it at a time.


I have a DSL modem/router (Westell 327W). My desktop computer already
connects to it via Ethernet cable.

Are you thinking of separate modems and routers?
  #28  
Old June 11th 13, 04:11 AM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 05:20 PM, Juan Wei wrote:
Todd has written on 6/10/2013 4:09 PM:
On 06/10/2013 12:59 PM, Juan Wei wrote:
Todd has written on 6/10/2013 3:53 PM:


Another good fence is to not use Internet Explorer or anything that uses
it for its rendering engine (Outlook, etc.)

Even IE10???

Thanks.


Don't use IE period.

Why not?


Arguably, it is responsible for 85% of the virus infections out there.
You can always google IE and security issues.


I did.

tomshardware.com said, "NSS Labs has released a new edition of its
security report that evaluates a browser's ability to block socially
engineered malware.

"The results reflect the ranking of the previously released report in
August of 2011 and found Internet Explorer (version 10) to be the safest
browser in this discipline under Windows 8. NSS Labs said that IE10
blocked 99.1 percent of the malware it was exposed to (virtually
dead-even with the 99.2 percent result from August of last year), but
Chrome improved its 13.2 percent result to 70.4 percent due to the
integration of enhanced file-based reputation screening. "

sitepont.com said, "Microsoft do not have a reputation for producing
secure software but the company is working hard to rectify that.
Internet Explorer is as good — if not better — than its competitors. "




The key words to look at is "socially engineered malware". That
is a tiny part of the problem. Where IE is horrible is when you
log into an infected web site with IE and get instantly clobbered.

"socially engineered malware" is the type that tricks you into
installing the software for them.
  #29  
Old June 11th 13, 04:15 AM posted to alt.comp.os.windows-8
Todd[_5_]
external usenet poster
 
Posts: 724
Default Windows 8 Firewall - How Good Is It?

On 06/10/2013 05:22 PM, Juan Wei wrote:
Todd has written on 6/10/2013 4:17 PM:
On 06/10/2013 01:01 PM, Juan Wei wrote:
Todd has written on 6/8/2013 4:23 PM:
Go look how your firewall performs for yourself at
GRC. You are looking for the Shields Up test.

https://www.grc.com/x/ne.dll?bh0bkyd2

If you are shooting through a NAT router (if your
I.P. is 192.168.xxx.xxx, you have a NAT router),
you will need to connect directly to the Internet.


How do you connect directly to the Interne if you have a NAT router?

Thanks.


Okay, most Internet modems provide dynamic addressed to
the local side. If you have a fix IP, then its gets
more complicated and you should call for a nerd.

That said, you take the cable that is going into the NAT
router's WAN (Wide Area Network) port and connect it to
your computer's Ethernet port. If you are using a Cable
Modem (Charter), you will have to power cycle the modem,
as it will only accept one device attached to it at a time.


I have a DSL modem/router (Westell 327W). My desktop computer already
connects to it via Ethernet cable.

Are you thinking of separate modems and routers?


Yes. If your DSL modem and router are the same unit, you
have to tell you modem to be a pass through modem. This
gets a bit harry for the uninitiated. If your installation
is fixed and you pass GRC's Shields Up, plus you have
your personal firewall in place, you should be fine.

Also, firewalls do not protect against invited traffic,
like infected web pages, eMail, "socially engineered malware",
etc.. They protect against uninvited traffic. For invited
traffic, you need a good anti virus and your own common sense.
You are the last and final fence.
  #30  
Old June 11th 13, 03:36 PM posted to alt.comp.os.windows-8
Ant[_3_]
external usenet poster
 
Posts: 873
Default Windows 8 Firewall - How Good Is It?

On 6/8/2013 6:11 AM PT, Bucky Breeder typed:

When you know what you're doing,
you don't need no steenkeen firewall!


How do you block outgoing connections without a firewall and still be
online then? :P
--
"Imagine what it would be like to dive into a pool of army ants? You
would be nothing but bone in a matter of seconds. If you're not up to
that, just imagine putting your hand in a jar of them. It would have to
be labeled corrosive or something." --Zhan Huan Zhou
/\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / If crediting, then use Ant nickname and AQFL URL/link.
( ) If e-mailing, then axe ANT from its address if needed.
Ant is currently not listening to any songs on this computer.
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 11:58 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.